2023-07-02 17:40:27 +00:00
|
|
|
id: tar-extraction
|
2022-12-22 10:57:38 +00:00
|
|
|
|
|
|
|
|
info:
|
2023-07-02 17:40:27 +00:00
|
|
|
name: Path Injection Vulnerability in TAR Extraction
|
2022-12-22 10:57:38 +00:00
|
|
|
author: me_dheeraj (https://twitter.com/Dheerajmadhukar)
|
|
|
|
|
severity: info
|
|
|
|
|
description: Insecure TAR archive extraction can result in arbitrary path over write and can result in code injection.
|
|
|
|
|
tags: file,nodejs
|
|
|
|
|
file:
|
|
|
|
|
- extensions:
|
|
|
|
|
- all
|
2022-12-22 11:37:08 +00:00
|
|
|
matchers:
|
2022-12-22 10:57:38 +00:00
|
|
|
- type: regex
|
|
|
|
|
regex:
|
2023-06-28 05:14:19 +00:00
|
|
|
- "require\\('tar-stream'\\)"
|
|
|
|
|
- "[\\w\\W]+?\\.createWriteStream\\([\\w\\W]*?\\, [\\w\\W]*?\\)"
|
|
|
|
|
- "[\\w\\W]+?\\.writeFile\\([\\w\\W]*?\\, [\\w\\W]*?\\)"
|
|
|
|
|
- "[\\w\\W]+?\\.writeFileSync\\([\\w\\W]*?\\, [\\w\\W]*?\\)"
|
2023-10-14 11:27:55 +00:00
|
|
|
condition: or
|
2023-10-20 11:41:13 +00:00
|
|
|
|
|
|
|
|
# digest: 490a0046304402207e72208a1944e7df2a904fe5c6f0286522d073ca069018194bf4e461a96c7f030220657b4086fb9b504fdfd3ee97fe79018b05f66382b367ba76d019e1d3e0a61c82:922c64590222798bb761d5b6d8e72950
|
